MindDump, Photos, Random Ramblings.

Tag Archives: Ubuntu

Sorry for the large gap in my posting. I’ve just moved to London and whilst my work is internet-related, I did not feel it right for me to use the office PCs & net connection to blog, whilst I await a broadband service to be connected at home 🙂

I do like to keep some separation between home and work.

Anyway, I finally signed out the office 3G USB stick, so that I can have internet access at home. (To check it works, when I go on-call this weekend and get woken up at stupid hours in the morning when servers go down, because trust me. They will. Of course. That is the only reason. Being able to blog again is only a happy side effect. *ahem* 😉 )

So far, it seems to work ok. I’ve not had any problems really, apart from having to add a new section in my firewall configuration so that the relevant holes will be opened in my laptop’s defence. If you’re interested (comment) I’ll post the version of the stick we’ve got, and how to make it work in Hardy.

Also, this connection is of course, compressed like nothing by Vodafone. So much so that images coming down look… well very bad. Anyway, as most of what I do online is text based, I’m not crying too much. Just one question, for those of you with 3G compressed data-sticks: Is the upstream also compressed to corruption? I’m asking, as I have a set of images from my camera, that I really should look at uploading, but I don’t want them to be compressed on the way to Flickr, or this site.

I’ve been taught a couple of command line tips at work, and thought it wouldn’t be fair if I didn’t pass them on. So, we begin.

CTRL-R

This insanely useful trick, in a terminal or a console, will allow you to search your bash history for any command you’ve previously run and re-run it. For example, quite often on my laptop, I type “CTRL-R upg” in a terminal window, which brings up the following command, ready to run with Enter:

sudo apt-get update && sudo apt-get upgrade -y

If you don’t know, that command updates your package repository listing (what programs have been updated), and then goes and upgrades all of the packages that have been upgraded, with the only exception of the more significant upgrades, like to the kernel. (A human has to activate those particular upgrades – and the -y tag doesn’t signify human, as that command can be cron jobbed very easily…)

CTRL-O

This one I was taught in my interview for Positive Internet. (So, I’d better not get this wrong! ;))

If you have run a series of commands in a terminal or console repeatedly, say editing a file, doing a config check and then restarting apache (as I have done whilst I’ve been playing with my Apache2 config file for this blog), then this little switch is priceless. Basically, once you hit the up arrow to find the command you wish to use, hitting CTRL-O instead of Enter, will execute the command, and then once you’re back at the shell prompt list the next command in the series. So for the first set of commands:

The benefit? The second time round, once I found and initiated the series of commands, I didn’t need to type anything, other than the changes to the config file, and the initiating control sequences. Annoyingly, you can’t just hit CTRL-O once, and then expect to be in the chain next time you hit enter – hitting enter won’t provide you with the next command in the chain once you’re finished. Although, this of course can be a good thing, if you want to return to a clean command prompt.

Hopefully one of those will be useful to you.

Ubuntu-UK Planet, Caffeine and Rambling.

For some strange reason, the Ubuntu UK planet didn’t pick up my last post as a new post. Possibly because it got a little confused with the server move and IP address change? Anyway, for those of you reading this on the planet, I have a post about a couple of the tools that come with apache2 on my blog. Not much, but hopefully interesting.

Caffeine: I’ve pretty much overdosed this evening. Head’s swimming right now, and the screen appears to be filling my vision (hence the more than normal ramblingness [yes I invented a word :)] going on in this post). Stayed on at work for an hour and a half, pushing me closer to the tiredness limit. So, on the way home I drank a bottle of Coca Cola, (the tube section) and a small americano coffee (the train section). It kept me awake (yay!) at the cost of me being a little… jumpy at the moment. Still, it’ll wear down shortly, especially since I finished my food about 20 minutes ago. That always helps clear the caffeine effect. So, shortly I’m going to crash from my caffeine high, and be a Zombie. Hopefully won’t be that way tomorrow morning, but at least I can sleep on the train in and if I’m lucky and get a next-to-the-door seat on the tube quickly, on the tube in. (The glass to your left or right acts as a good, if a little hard, pillow. The glass behind you, unfortunately, moves too much, and gets painful quite quickly.)

Right. I can feel myself starting to slow down, so I’d better sign off before the Zombieness (Yay for creating random useless words!) comes into play.

Hello all. I seem to be gaining books at an alarming rate, what with my current commute. So, I am going to give you first refusal (before I put these up on Bookmooch) on two sets of Elizabeth Moon books. Both of which I would love to be able to keep, but which I don’t have the space to.

So without further ado, I am offering these books to the first person who emails/comments for them. Full postal addresses if you please, UK preferred, but I will send to the US if asked.

The Serrano Legacy – 3 compendiums (paperback)

Vatta’s War – 5 books (paperback)

I also have Kevin J Anderson’s the Saga of the Seven suns, collection or close only (All 7 books. It’s big. I live near London. Email for more info)

James Patterson’s Four Blind Mice. As this came from the US, I’d be quite happy to ship it back there.

My Email address is: kirrus@kirrus.co.uk

In unrelated stuff, I let my 5-a-day launchpad group subscription expire this weekend. Boy, it doesn’t half nag you! I got an email every day for _7_ days, saying “you’ll get one more email, when its expired”. Annoying by half. Unfortunately with my nasty commute, I’ve not got the energy required for triage 🙁

I thought it was probably a good time for another Ubuntu-related post, so here we go.

Window Selection

Something I found on one of my explorations, is this really handy feature (handy for me at least), which allows you to give a window “focus” (or selection) merely by putting your mouse over it. To activate it, click on “System”, go to “Preferences”, and then click on “Window”. Up pops a small selection window.

As you can see, I’ve ticked “Select windows when the mouse moves over them”. You can also have windows be raised to the top of the screen if you hold your mouse over them for a certain length of time. As my colleague at work found, setting the interval to “0” is not very useful…

There are a couple of other tweaks you can make here. I’ll let you explore them on your own 🙂

Always on Top

“Always on Top” allows you to basically tell the system that you want a window to be the upper-most on the screen, no matter what else you do. You can’t “Raise” anything above it. I tend to use this little gem with my next tip.

Set a window to be always on top by right clicking on the title bar (the big orange bar at the top of the window, which contains the minimize, maximize and close buttons). Click the “Always on Top” option. That window will now stick on top of your screen. Undo it, by right clicking again on the title bar, and clicking “Always on Top” again.

Password Gen (pwgen)

pwgen is a small, neat, command-line program to quickly generate fairly easy-to-remember, fairly secure passwords. You can install it by clicking here, or going to whichever package manager you prefer (synaptic, Add-Remove Programs, apt-get or aptitude) and installing “pwgen”.

Use it simply by typing “pwgen” in a terminal (“Applications” > “Accessories” > “Terminal”). I tend to run it with the command “pwgen 8 1”, which generates one 8 character password.

Now, if you’re adding a lot of users to a system or something (I am currently at work), using a combination of these tips will save you time… I’ll leave it up to you to work out how to combine them. (Hint: resizing a terminal window like I did above is a good starting point.)

The following is a random update, covering everything from my explorations of Linux to life stuff. Feel free to skip if you don’t care 🙂

Hardy Release Party

Was really nice, once I’d got past my initial reluctance to go and the butterflies in my stomach as I traveled to it. I said on IRC before I left, that the first person to recognise me, would get a drink on me. Daviey failed, he was outside having a cigarette when I finally arrived. To be fair, he wasn’t on the IRC channel when I said about the free drink… I managed to get lost, walking from the tube (Embankment) on the way to the pub – asked directions three times. Had the obligatory chat with Daviey about asterisk (I like asterisk!) and some of the pros and cons of the FreePBX interface add-on. (As suggested by Popey on the mailing list. Thanks!)

I went in with Daviey, and saw Alan Pope. He was in the middle of a conversation, but was about to say “hello Kirrus” to get his free drink, when Josh (Jerichokb) popped up, and nabbed it first :). Funnily enough, we had this conversation on IRC before I left:

I had a really nice time, which is *really* unusual for me in a room with that many people in it. (I don’t do lots of people… I normally can’t cope, and leave asap, or sit in a corner hiding…). Sad to leave at 9, but I got lost 4 times(!) on my way back to the tube station, (asking for directions each time… one guy gave me dodgy ones…). Next time I find a good map. Missed the train I was aiming for, and ended up taking the last train, got home midnight. (Yes, three hours travel. Missing the train will do that for you.)

Distro Experimentation / Hard Drive Failure

Well, my CentOS install died with my harddrive, about 2 days after my posting about it. CentOS is useable, and is quite nice, though I didn’t reinstall it when my new drive arrived. Unfortunately, it turns out that my new drive has some bad blocks on it. Repaired the filesystem using “e2fsck -c” on the live cd, and reinstalled gutsy. Upgraded to Hardy RC. A lot of work. I’m going to have to boot back into the LiveCD sometime and check the filesystem again, to see if there’s any more corruption. If so, I’m going to have to get another Harddrive, and RMA this one. Just what I didn’t need with my dwindling savings and no job. Update: (Thanks, as always, to the Ubuntu-UK irc guys for the help and advice as I tried to repair my partitions)

Jobs

I’ve had 2 interviews so far, one at Codian, one at Canonical. I’d really like to get the Canonical one (working in a datacentre, looking after servers), as it sounds like an enjoyable thing to do, that and giving me plenty to learn. But, I don’t think I will. (Heh – my natural state after any interview. Then getting the job is a pleasant surprise rather than a disappointment.) Millbank tower is NICE, and the commute into Vauxhall fairly simple.. I just take a slow train from a town about 3 and a half miles away… an hours walk, or 15/30 minutes cycle depending on the traffic, and which way you’re going. (To is easier. One big hill up, then mostly downhill to the station.) I’m still awaiting a reply from Canonical HR about blogging guidelines as applied to interviewees, so I won’t go into too much detail about that interview here. Suffice to say, it was interesting.
The Codian interview was by far the most difficult, I was asked a ton of questions by three different people, over 2 hours. Decimal to binary (on a whiteboard).. I’m a bit rusty at, not having done it much before, but got there in the eventual end. Decimal to Hexadecimal, mathematics is not my strong point, but again, got there in the end. (6E == 110). Very friendly receptionist 🙂

Well, it’s a couple of days into my trial and I’ve settled into CentOS. (I went with CentOS instead of Fedora, as it’s closer to RedHat according to the #ubuntu-uk guys andylockran & popey [Thanks!], which is the OS I really was aiming to play with.)

I’ve had a couple of niggles, like the old version of Firefox (1.5x series instead of 2x) on CentOS, the ease of installing java etc… It’s only when you step away from Ubuntu that you realize just how advanced it actually is!

So far, I’ve installed 4 rpm packages manually, and compiled one successfully. (I tried to compile the last.fm client, but it wasn’t playing ball. I’ll get it working eventually…)

The package I compiled was pamusb, a really cool utility to allow you to use a USB key for authentication on your system, literally, you can use it to login with, use sudo commands without passwords, etc. I’ll probably post a guide at some point. From looking around on the web, it works better with Ubuntu than CentOS as the packages you need are in Ubuntu’s repos. I’m not sure whether that includes the pam configuration you have to do, but I’d expect so.

You can get pamusb here: http://www.pamusb.org/ (or as mentioned, in the Ubuntu Repositories) [Update: Don’t use the Ubuntu Repository version: it’s out of date]

CentOS’s graphical package manager isn’t anything as nice as Ubuntu’s, but the command line “yum” is certainly better, giving more information in “yum search <package or purpose>” than an “apt-cache search <package>” would.

With this reinstall I put /home/ on a separate partition, so that should make jumping easier. I’ll probably try Fedora at some point… and Debian….

Once upon a time there was no internet crime. Then humans came along…

Recently, we came under attack from the Storm / Nuwar Botnet. In the post I made about it on the third of October, we had mis-identified it as a referral spam attempt. Close, but no cigar.

Now, I’ve always tried to keep my name & employer from becoming too widely spread on the interweb, although there are a couple of really, really easy ways you can find it, just from this website. (One of them being, ask me 😉 )

It appears, that as a result of the two posts I’ve made about the Storm Worm, someone decided to DDOS not this blog, but my employer’s un-related servers, attacking one of our customers’ managed servers, and then our webmail server. (This blog is hosted from servers in the same rack as those servers.)

At its peak, the attack was drawing 8Mbps of data transfer. (About 1MB per second.)

Graph is read from right to left. <<<<<<< Time Flows that way. <<<<<<<

You can see at 0930, when I got in work and started combating the attack. We only really stopped it the morning this graph just ends on…

Only problem, was that they were flooding our server with requests, literally using every available incoming connection on the server all the time.

For non-techies, a web site is hosted by a computer somewhere on the interweb, that never gets turned off, connected to a really thick pipe to the internet. It’s configured to accept a certain number of new people visiting its website(s) at once.

We’ve now completely mitigated this attack (to the point, where at most now it’s drawing 50kbps). Technically, we can mitigate (and sustain) a much more serious attack. This was basically a “Get Lost, and STOP POSTING ABOUT US” poke.

An expensive poke. A sustained 8Mbps transfer rate is expensive in bandwidth!

So far (*wanders off to check*) we’ve identified 23,265 ip addresses which have tried to attack us. That’s a lot of infected computers, but it could have been worse.

It appears the attack has been petering out, we are identifying one new bad ip (infected computer) once every 30-60 seconds. At its peak, we were picking up at least one new ip every second.

If we have another look at that graph of the attack:

The attack started at 1AM GMT, and ramped up to full power in about 20 minutes. That means that it takes the Nuwar / Storm botnet about 20 minutes for a command to filter down into its bots.

At the beginning of the attack, the pattern we were seeing was a bad request from one ip, then 3 different bad requests, then back to the first IP. Sometime during the attack, I think about 1400 or 1500 (2 – 3pm) they switched to hitting us repeatedly from one ip address, showing that someone was probably monitoring at least a small part of this attack, and had noticed that we’d started to block the attacks.
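
The kind of log analysis described above, as an added example (not the tooling we used during the attack): it flags IPs that repeat bad requests, counts how many new ones turn up per minute, and finds the longest single-IP streak, which is what separates rotating sources from one host hammering. The log lines are constructed, the addresses are documentation-range placeholders, and treating an HTTP 400 response as a “bad request” is an assumption.

```python
import re
from collections import Counter
from datetime import datetime

# Assumption: a "bad request" is one the web server answered with HTTP 400.
BAD_STATUS = 400
# Apache common/combined log prefix: ip, two ids, [timestamp], "request", status
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "[^"]*" (\d{3}) ')

# Constructed sample (not taken from the real attack logs).
SAMPLE_LOG = """\
192.0.2.1 - - [01/Jan/2000:01:00:01 +0000] "GET / HTTP/1.1" 400 226
198.51.100.2 - - [01/Jan/2000:01:00:01 +0000] "GET / HTTP/1.1" 400 226
198.51.100.3 - - [01/Jan/2000:01:00:02 +0000] "GET / HTTP/1.1" 400 226
198.51.100.4 - - [01/Jan/2000:01:00:02 +0000] "GET / HTTP/1.1" 400 226
192.0.2.1 - - [01/Jan/2000:01:00:03 +0000] "GET / HTTP/1.1" 400 226
203.0.113.9 - - [01/Jan/2000:01:00:04 +0000] "GET /index.html HTTP/1.1" 200 5120
198.51.100.2 - - [01/Jan/2000:01:00:05 +0000] "GET / HTTP/1.1" 400 226
203.0.113.7 - - [01/Jan/2000:01:01:10 +0000] "GET / HTTP/1.1" 400 226
203.0.113.7 - - [01/Jan/2000:01:01:10 +0000] "GET / HTTP/1.1" 400 226
203.0.113.7 - - [01/Jan/2000:01:01:11 +0000] "GET / HTTP/1.1" 400 226
203.0.113.7 - - [01/Jan/2000:01:01:11 +0000] "GET / HTTP/1.1" 400 226
"""


def bad_requests(log_text):
    """Yield (ip, timestamp) for every parseable line with the bad status."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m and int(m.group(3)) == BAD_STATUS:
            yield m.group(1), datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")


def find_attackers(log_text, threshold=2):
    """Map each IP with >= threshold bad requests to the time it was first seen."""
    counts, first_seen = Counter(), {}
    for ip, ts in bad_requests(log_text):
        counts[ip] += 1
        first_seen.setdefault(ip, ts)
    return {ip: first_seen[ip] for ip, n in counts.items() if n >= threshold}


def new_attackers_per_minute(attackers):
    """Count first sightings per minute; a falling count means the attack is fading."""
    return Counter(ts.strftime("%H:%M") for ts in attackers.values())


def longest_run(log_text):
    """Return (ip, length) of the longest streak of consecutive bad requests
    from one IP. Rotating sources give runs of 1; a hammering host gives long runs."""
    best, prev, run = (None, 0), None, 0
    for ip, _ in bad_requests(log_text):
        run = run + 1 if ip == prev else 1
        prev = ip
        if run > best[1]:
            best = (ip, run)
    return best


if __name__ == "__main__":
    attackers = find_attackers(SAMPLE_LOG)
    print("block list:", sorted(attackers))
    print("new per minute:", dict(new_attackers_per_minute(attackers)))
    print("longest single-IP run:", longest_run(SAMPLE_LOG))
```
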
Now, this happened quite a while ago.

So why haven’t I posted about it yet? Why has it taken me 2 weeks to blog about this?

Because, it’s only now that we feel that we are able to safely weather another attack, should the Zhelatin Gang decide to start poking us again. If they didn’t like me posting what I have, they’re not going to like me posting this.

A message to them: I do not like bullies. Go pick on someone your own size for a change.
Thanks to stopddos.org, for analysing the logs and identifying Storm as our attackers.

UPDATE 20/10/07: A little while ago I sent a part of our logs for geographical analysis to one of the nice guys at castlecops.com.
Here is the graph that resulted from that. This is the top 5 attackers from country, in a pie chart. As you can see, Germany (Country Code DE) was the biggest, closely followed by the US. If you want to see other attack graphs, go here: http://www.spamtrackers.eu/wiki/index.php?title=Botnet_hosting (ours is listed there as BB, moved around to match up with the others, and slightly tweaked.)

Here are just some morsels of information about the Linux Command line, and more specifically, Ubuntu Linux Command line / system.

Users can be added to a group with the command:

sudo adduser <username> <groupname>

In ubuntu, the default system shell is “Dash”. That does speed up your system boot, but it also introduces problems with those scripts which are designed to run in bash, but use /bin/sh to execute. (Which is a surprising amount… this has solved many problems for me. Especially with Asterisk and freePBX.)

To set Ubuntu back to using bash from dash, run the following command…

cd /bin && sudo rm sh && sudo ln -s /bin/bash /bin/sh

To add a user to the sudoer list (the list that controls who can use “sudo”) use the command

sudo visudo

Add a user underneath the “# User privilege specification” comment. If you want just a bog standard sudo user, able to do all on the system, add the line:

<username> ALL=(ALL) ALL

?Fun? tip: add “insults” to the end of the list of “Defaults” in visudo, so it will look like:

Defaults !lecture,tty_tickets,!fqdn,insults

The system will insult you every time you enter your sudo password wrongly. For a random example, it just gave me this when I deliberately triggered it:

You speak an infinite deal of nothing

In Firefox, select the address bar quickly by hitting the “F6” key.

Type “pwd” to get the full path to your current directory. e.g.:

kirrus@asus:~$ pwd
/home/kirrus

Monit is a useful program, that gives you a good way of keeping an eye on your servers, making sure they don’t run out of harddisk space, or get a high CPU load. It can either perform some function (like stopping a program from running) during high CPU, or send you a warning email.

Configure Open Office Predictive Text

Here are a couple of things you can try to make it more useful.
Click on “Tools” > “AutoCorrect…” > Click on the “Word Completion” tab.

Increase the minimum word length.

Make sure that the minimum word length is at least 8. Less than that, and you’re going to get it trying to auto complete too-short words, and get confused. More than 8, it will trigger less often. Tweak this for how much you want to use the predictive system.

Delete False Positives

Sometimes, the predictive system just gets confused. An example of this, is if you have used “Disneyland” in a document, and then want to type “Disney” Open Office will keep auto-completing to “Disneyland”. Really, not helpful.

To fix this the only response, is to find and delete the offending word from the predictive system. Click on the word you want to remove (In this case, Disneyland), and click the “Delete Entry” button.

Note: The image has been cropped to make it fit. The dialogue box is longer than this.

Disable Open Office Predictive Text

If you just can’t get it quite to work how you want, then your last resort is to disable the feature. Click on “Tools” > “AutoCorrect…” > Click on the “Word Completion” tab.

Now, untick the box that says “Enable Word Completion”. Your Open Office will no longer automatically try to predict what you’re typing.

Note: if you leave “collect words” ticked, the system will still collect words to Auto Complete, but won’t actually use them. If you’re just turning the feature off for a little while, leave it ticked. Otherwise, untick it, to save memory, and a little bit of processor power whilst you’re working.

Effectively, in this tutorial we will be disabling logins on the Ubuntu box, and just using gdm and the X server to talk to a server on the local network using XDMCP. This means that you’ll actually log in to the remote server, and use the remote server’s data and processing power.

WARNING: This will disable GUI access to your computer!
DON'T do this to a machine which you want to use without having to
play around with the X configuration files in command line.

In ubuntu, you can switch all logins to XDMCP quite simply. Here is the Howto:

Click on System > Administration > Login Window

Enter your password (if requested)

Click on the security tab

Click on the “Configure X Server” button in the bottom right hand corner of the window. This pops up:

Change the “Launch” value from “Greeter” to “Chooser”

Click close twice, and log off

Hit CTRL – ALT – BACKSPACE together, to restart GDM. You should now have an XDMCP host searching window, which will locate any computers which have had XDMCP logins activated. If you want a howto for setting up a server for that, please comment!
